Hackers like Google Tag Manager: millions of sites use it, and they can inject custom scripts and HTML code via a script from the highly trusted domain googletagmanager.com. In order to create a new container and abuse Google Tag Manager, Continue reading 40 New Domains of Magecart Veteran ATMZOW Found in Google Tag Manager
Consumers spent a whopping $35.3 billion during last year’s cyber week shopping season. With Cyber Monday accounting for $11.3 billion in revenue alone, this period remains one of the biggest online shopping events of the year. Unfortunately, hackers are making Continue reading Black Friday & Cyber Monday Ecommerce Security Threats
MageCart infections most often come in the form of complex, obfuscated JavaScript injected into Magento database tables such as core_config_data, or as malicious plugins or core file injections installed into WordPress / WooCommerce environments (which are increasingly common, and may Continue reading Decoding Magecart: Credit Card Skimmers Concealed Through Pixels & Images
Last week on August 8th, 2023, Adobe released a critical security patch for Adobe Commerce and the Magento Open Source CMS. The patch provides fixes for three vulnerabilities which affect the popular ecommerce platforms. Successful exploitation could lead to arbitrary Continue reading Critical Security Update for Magento Open Source & Adobe Commerce
Welcome to another installment in helping website owners secure their digital assets, this time with a focus on the world of ecommerce. If you’re an ecommerce website owner, you’re likely aware that online stores face a unique set of challenges Continue reading How to Secure Your Online Store: A Ecommerce Security Primer
Attackers are always on the hunt for vulnerable websites. Whether you have a WordPress, Magento, or Joomla website — you’ll want to take steps to keep your site and server secure. In today’s post, we’ll be outlining the top twelve Continue reading Top 12 Website Hardening Tips
Consumers spent a whopping $33.9 billion during Cyber Week last year. With the average adult spending $430 on Black Friday alone, this period remains one of the biggest online shopping events of the year. Unfortunately, hackers are making bank alongside Continue reading Black Friday & Cyber Monday Ecommerce Security Threats
Magento store owners using the popular FishPig extensions should be wary of a recent supply chain attack which compromised their software repository. FishPig released a detailed security announcement on September 13th, 2022. The attack is estimated to have occurred on Continue reading Magento Supply Chain Attack Targets Extension Developer FishPig
There’s no one specific topic or target or audience when it comes to website security. But when you clean enough hacked websites, you start to see trends and techniques emerge in the landscape. In my last presentation at WordCamp Europe, Continue reading Security Lessons Learned from 2021
E-commerce websites are valuable targets for attackers. Bad actors often leverage creative techniques to conceal their credit card stealers and gather sensitive credit card information from online storefronts. A recent investigation for a compromised Magento website revealed a rather interesting Continue reading It Takes 2 Seconds of Silence to Skim a Credit Card
Magento’s payment provider gateway offers functionalities for site owners to integrate stores with payment service providers. This handy feature lets a website create and handle transactions based on order details and allows for out-of-the-box integrations with payment service providers like Continue reading Credit Card Stealer Targets PsiGate Payment Gateway Software
One of the most important monitoring tools in our security platform is our Sucuri SiteCheck scanner. It’s a free tool to scan your website for known malicious content and malware injections. The usage of SiteCheck also allows us to monitor Continue reading WordPress Overtakes Magento in Credit Card Skimmers